CVE-2025-47389 PUBLISHED

Buffer Copy Without Checking Size of Input in Automotive Platform

Assigner: qualcomm
Reserved: 06.05.2025 Published: 06.04.2026 Updated: 06.04.2026

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.8

Product Status

Vendor Qualcomm, Inc.
Product Snapdragon
Versions Default: unaffected
  • Version AR8035 is affected
  • Version Cologne is affected
  • Version CSRA6620 is affected
  • Version CSRA6640 is affected
  • Version FastConnect 6200 is affected
  • Version FastConnect 6700 is affected
  • Version FastConnect 6800 is affected
  • Version FastConnect 6900 is affected
  • Version FastConnect 7800 is affected
  • Version FWA Gen 3 Ultra Platform is affected
  • Version G2 Gen 1 is affected
  • Version IQ6 Series Platform is affected
  • Version IQ8 Series Platform is affected
  • Version IQ9 Series Platform is affected
  • Version LeMans_AU_LGIT is affected
  • Version LeMansAU is affected
  • Version Milos is affected
  • Version Monaco_IOT is affected
  • Version Netrani is affected
  • Version Orne is affected
  • Version Palawan25 is affected
  • Version Pandeiro is affected
  • Version QAM8255P is affected
  • Version QAM8295P is affected
  • Version QAM8397P is affected
  • Version QAM8620P is affected
  • Version QAMSRV1H is affected
  • Version QAMSRV1M is affected
  • Version QCA6174A is affected
  • Version QCA6391 is affected
  • Version QCA6574 is affected
  • Version QCA6574A is affected
  • Version QCA6574AU is affected
  • Version QCA6584AU is affected
  • Version QCA6595 is affected
  • Version QCA6595AU is affected
  • Version QCA6678AQ is affected
  • Version QCA6688AQ is affected
  • Version QCA6696 is affected
  • Version QCA6698AQ is affected
  • Version QCA6797AQ is affected
  • Version QCA8081 is affected
  • Version QCA8337 is affected
  • Version QCA8695AU is affected
  • Version QCC710 is affected
  • Version QCM2290 is affected
  • Version QCM5430 is affected
  • Version QCM6125 is affected
  • Version QCM6490 is affected
  • Version QCN6224 is affected
  • Version QCN6274 is affected
  • Version QCS2290 is affected
  • Version QEP8111 is affected
  • Version QFW7114 is affected
  • Version QFW7124 is affected
  • Version QLN1083BD is affected
  • Version QLN1086BD is affected
  • Version QMP1000 is affected
  • Version QPA1083BD is affected
  • Version QPA1086BD is affected
  • Version Qualcomm Video Collaboration VC1 Platform is affected
  • Version Qualcomm Video Collaboration VC3 Platform is affected
  • Version QXM1083 is affected
  • Version QXM1086 is affected
  • Version QXM1093 is affected
  • Version QXM1094 is affected
  • Version QXM1095 is affected
  • Version QXM1096 is affected
  • Version Robotics RB2 Platform is affected
  • Version SA6145P is affected
  • Version SA6150P is affected
  • Version SA6155P is affected
  • Version SA7255P is affected
  • Version SA7775P is affected
  • Version SA8145P is affected
  • Version SA8150P is affected
  • Version SA8155P is affected
  • Version SA8195P is affected
  • Version SA8255P is affected
  • Version SA8295P is affected
  • Version SA8540P is affected
  • Version SA8620P is affected
  • Version SA8770P is affected
  • Version SA9000P is affected
  • Version SAR1165P is affected
  • Version SC8380XP is affected
  • Version SD865 5G is affected
  • Version SM6650P is affected
  • Version SM7325P is affected
  • Version SM7435 is affected
  • Version SM7635P is affected
  • Version SM7675 is affected
  • Version SM7675P is affected
  • Version SM8635 is affected
  • Version SM8635P is affected
  • Version SM8650Q is affected
  • Version SM8750P is affected
  • Version Snapdragon 4 Gen 1 Mobile Platform is affected
  • Version Snapdragon 4 Gen 2 Mobile Platform is affected
  • Version Snapdragon 460 Mobile Platform is affected
  • Version Snapdragon 480 5G Mobile Platform is affected
  • Version Snapdragon 480+ 5G Mobile Platform is affected
  • Version Snapdragon 6 Gen 1 Mobile Platform is affected
  • Version Snapdragon 6 Gen 3 Mobile Platform is affected
  • Version Snapdragon 6 Gen 4 Mobile Platform is affected
  • Version Snapdragon 662 Mobile Platform is affected
  • Version Snapdragon 690 5G Mobile Platform is affected
  • Version Snapdragon 695 5G Mobile Platform is affected
  • Version Snapdragon 778G 5G Mobile Platform is affected
  • Version Snapdragon 778G+ 5G Mobile Platform is affected
  • Version Snapdragon 782G Mobile Platform is affected
  • Version Snapdragon 7c+ Gen 3 Compute is affected
  • Version Snapdragon 7s Gen 3 Mobile Platform is affected
  • Version Snapdragon 8 Elite is affected
  • Version Snapdragon 8 Elite Gen 5 is affected
  • Version Snapdragon 8 Gen 3 Mobile Platform is affected
  • Version Snapdragon 865 5G Mobile Platform is affected
  • Version Snapdragon 865+ 5G Mobile Platform is affected
  • Version Snapdragon 870 5G Mobile Platform is affected
  • Version Snapdragon 888 5G Mobile Platform is affected
  • Version Snapdragon 888+ 5G Mobile Platform is affected
  • Version Snapdragon AR1 Gen 1 Platform is affected
  • Version Snapdragon AR1+ Gen 1 Platform is affected
  • Version Snapdragon Auto 5G Modem-RF Gen 2 is affected
  • Version Snapdragon X32 5G Modem-RF System is affected
  • Version Snapdragon X35 5G Modem-RF System is affected
  • Version Snapdragon X53 5G Modem-RF System is affected
  • Version Snapdragon X55 5G Modem-RF System is affected
  • Version Snapdragon X72 5G Modem-RF System is affected
  • Version Snapdragon X75 5G Modem-RF System is affected
  • Version Snapdragon XR2 5G Platform is affected
  • Version Snapdragon XR2+ Gen 1 Platform is affected
  • Version SRV1H is affected
  • Version SRV1L is affected
  • Version SRV1M is affected
  • Version SW6100 is affected
  • Version SW6100P is affected
  • Version SXR2330P is affected
  • Version SXR2350P is affected
  • Version Themisto is affected
  • Version WCD9335 is affected
  • Version WCD9340 is affected
  • Version WCD9370 is affected
  • Version WCD9375 is affected
  • Version WCD9378 is affected
  • Version WCD9378C is affected
  • Version WCD9380 is affected
  • Version WCD9385 is affected
  • Version WCD9390 is affected
  • Version WCD9395 is affected
  • Version WCN3910 is affected
  • Version WCN3950 is affected
  • Version WCN3980 is affected
  • Version WCN3988 is affected
  • Version WCN6450 is affected
  • Version WCN6650 is affected
  • Version WCN6755 is affected
  • Version WCN7860 is affected
  • Version WCN7861 is affected
  • Version WCN7880 is affected
  • Version WCN7881 is affected
  • Version WSA8810 is affected
  • Version WSA8815 is affected
  • Version WSA8830 is affected
  • Version WSA8832 is affected
  • Version WSA8835 is affected
  • Version WSA8840 is affected
  • Version WSA8845 is affected
  • Version WSA8845H is affected
  • Version X2000077 is affected
  • Version X2000086 is affected
  • Version X2000090 is affected
  • Version X2000092 is affected
  • Version X2000094 is affected
  • Version XG101002 is affected
  • Version XG101032 is affected
  • Version XG101039 is affected
  • Version XRV7209 is affected
  • Version XRV9209 is affected

References

Problem Types

  • CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow') CWE